<head><title>Please wait ...</title>
<?php
$UID=$_REQUEST["UID"];
$RID=$_REQUEST["RID"];
if(!isset($UID)||!isset($RID)) { ?> <body onLoad='alert("Invalid request source");self.history.go(-1);' /> <?php die();}
$con=mysql_connect("localhost","William");

if (!$con){
	die("MySQL Error " . mysql_error());
}
mysql_select_db("osa", $con); 

$query=mysql_query("SELECT * FROM user WHERE UID=$UID");
if(!$query) die("MySQL Error " . mysql_error());
$rowuser=mysql_fetch_array($query);
if(!$rowuser) die("Internal Error: User #$UID not found");
if($rowuser["password"]!=$_REQUEST["pwd"]){ ?>
</head><body onLoad='alert("Incorrect password!");self.location.href="/php/main.php";' /><?php die(); }
$query=mysql_query("SELECT * FROM resource WHERE RID=$RID");
if(!$query) die("MySQL Error " . mysql_error());
$row=mysql_fetch_array($query);
if(!$row) die("Internal Error: Resource #$RID not found");
if($row["UID"]!=$UID) die("Internal Error: User #$UID is not the owner of resource #$RID");
$query=mysql_query("DELETE FROM resource WHERE RID=$RID");
if(!$query) die("MySQL Error " . mysql_error());
$filename="../upload/".$row["path"];
if(!file_exists($filename)) die("Internal Error: File not found!");
if(!unlink($filename)) die("Error deleting resource #$RID"); ?>
<meta http-equiv='Refresh' content='5;url=/php/main.php'></head>
<body>File delete success.<br />
You will be redirected to the main page in 5 seconds ...
Click <a href='/php/main.php'>here</a> to go to the login page immediately.</body>
